CVE-2016-2148

🗓️ 09 Feb 2017 15:00:00Reported by Debian Security Bug TrackerType

debiancve

debiancve🔗 security-tracker.debian.org👁 54 Views

Heap-based buffer overflow in DHCP clien

Reporter	Title	Published	Views	Family All 72
AlpineLinux	CVE-2016-2148	9 Feb 201715:00	–	alpinelinux
BDU FSTEC	The vulnerability of DHCP clients in UNIX-based systems with BusyBox command-line utilities relates to the issue of exceeding the allowed buffer data limits. This allows attackers to access confidential data, compromise its integrity, and cause service failures.	2 Jul 202100:00	–	bdu_fstec
Cloud Foundry	USN-3935-1: BusyBox vulnerabilities \| Cloud Foundry	12 Apr 201900:00	–	cloudfoundry
CNVD	BusyBox OPTION_6RD Parsing Heap Buffer Overflow Vulnerability	16 Mar 201600:00	–	cnvd
CVE	CVE-2016-2148	9 Feb 201715:00	–	cve
Cvelist	CVE-2016-2148	9 Feb 201715:00	–	cvelist
Debian	[SECURITY] [DLA 1445-1] busybox security update	27 Jul 201804:39	–	debian
Debian	[SECURITY] [DLA 2559-1] busybox security update	15 Feb 202111:56	–	debian
Tenable Nessus	Debian DLA-2559-1 : busybox security update	16 Feb 202100:00	–	nessus
Tenable Nessus	F5 Networks BIG-IP : BusyBox vulnerability (K000156994)	14 Oct 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Debian	11	any	busybox	1:1.27.2-1	busybox_1:1.27.2-1_any.deb
Debian	12	any	busybox	1:1.27.2-1	busybox_1:1.27.2-1_any.deb
Debian	13	any	busybox	1:1.27.2-1	busybox_1:1.27.2-1_any.deb
Debian	14	any	busybox	1:1.27.2-1	busybox_1:1.27.2-1_any.deb
Debian	999	any	busybox	1:1.27.2-1	busybox_1:1.27.2-1_any.deb

09 Feb 2017 15:00Current

7.2High risk

Vulners AI Score7.2

CVSS 27.5

CVSS 3.19.8

EPSS0.28429

cve-2016-2148 busybox udhcpc buffer overflow dhcp client option_6rd parsing unix